registry  /  @agegr/pi-web  /  0.7.11

@agegr/pi-web@0.7.11

Web UI for the pi coding agent

AI Security Review

scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The user-invoked CLI launches the bundled local Next application and opens its local URL after readiness.

Static reason
No blocking static signals were detected.
Trigger
User runs `pi-web`.
Impact
No install-time execution, stealth persistence, or unconsented external exfiltration established.
Mechanism
Local Next server launcher and user-facing pi agent UI.
Rationale
Direct inspection shows a packaged local web UI with no lifecycle hooks; its child-process use is a user-invoked Next launcher. The flagged favicon body is a normal PNG asset, and no concrete malicious chain was found in inspected runtime routes.
Evidence
package.jsonbin/pi-web.jsnext.config.ts.next/server/app/favicon.ico.body.next/server/app/api/skills/search/route.js.next/server/app/api/models-config/route.js

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall hooks.
    • bin/pi-web.js runs only when the user invokes pi-web.
    • bin/pi-web.js starts local Next on localhost/selected host.
    • favicon.ico.body is a 22,542-byte PNG, not a payload.
    • Compiled API routes match the documented local pi UI features.
    • No hidden credential harvesting or foreign agent-control mutation found.
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsFilesystem
    Supply chainNo supply-chain packaging signals triggered.
    ManifestNo manifest risk signals triggered.
    scanned 2 file(s), 3.55 KB of source

    Source & flagged code

    2 flagged · loading source
    .next/server/app/favicon.ico.bodyView file
    path = .next/server/app/favicon.ico.body kind = high_entropy_blob sizeBytes = 22542 magicHex = [redacted]
    High
    Ships High Entropy Blob

    Package ships high-entropy non-source blobs.

    .next/server/app/favicon.ico.bodyView on unpkg
    path = .next/server/app/favicon.ico.body kind = payload_in_excluded_dir sizeBytes = 22542 magicHex = [redacted]
    High
    Payload In Excluded Dir

    Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

    .next/server/app/favicon.ico.bodyView on unpkg

    Findings

    2 High2 Medium2 Low
    HighShips High Entropy Blob.next/server/app/favicon.ico.body
    HighPayload In Excluded Dir.next/server/app/favicon.ico.body
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowScripts Present
    LowFilesystem